While investigating CVE-2008-0889 affecting Red Hat Directory Server 8 / Fedora
Directory Server, it was discovered that Red Hat Directory Server 7.1 RPMS
create directory /opt/redhat-ds/java/jars as world writable, allowing local
users to remove .jar files in this directory and replace them with modified
ones, leading to a privilege escalation.
This issue did not affect Red Hat Directory Server 7.1 for Solaris and HP-UX.
Permissions of jars directory on those platforms were set correctly.